package com.han.hotelplat.comm;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.allinpay.xmltrans.pojo.TranxCon;
import com.han.hotelplat.comm.ResponseWrapTo.CodeType;

public class SecurityFilter implements Filter
{
	@Override
	public void destroy()
	{
	}

	@Override
	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain fc) throws IOException, ServletException
	{
		HttpServletRequest hsq=(HttpServletRequest)req;
		HttpServletResponse hss=(HttpServletResponse)res;
		String path=hsq.getRequestURI();
		if(path.indexOf("/cms/")>-1 
				&& path.indexOf("/cms/systemuser/login")==-1
				&& path.indexOf("/cms/systemuser/creatCMSUser") == -1)
		{
			if(hsq.getSession().getAttribute(Constant.CMS_SESSION_LOGIN_USER)==null)
			{
				res.setContentType("text/html;charset=UTF-8");
				String data = new ResponseWrapTo(CodeType.forbidden, "用户未登录", null).toJson();
				res.getWriter().write(data);
				res.getWriter().flush();
				return;
			}else
			{
				/*if(hsq.getHeader("referer")==null)
				{
					res.setContentType("text/html;charset=GBK");
					res.getWriter().write("请不要直接输入地址!");
					res.getWriter().flush();
					return;
				}*/
			}
		}/*else
		{
			if(hsq.getSession().getAttribute(Constant.SESSION_ADMIN_KEY)==null)
			{
				res.setContentType("text/html;charset=UTF-8");
				StringBuilder sb=new StringBuilder("<script type='text/javascript'>");
				sb.append("window.top.location='").append(hsq.getContextPath()).append("/belrare/loginInput.do';");
				sb.append("</script>");
				res.getWriter().write(sb.toString());
				res.getWriter().flush();
				return;
			}else
			{
				if(hsq.getHeader("referer")==null&&!hsq.getRequestURI().endsWith("manage/sys/uploadInput.do"))
				{
					res.setContentType("text/html;charset=GBK");
					res.getWriter().write("请不要直接输入地址!");
					res.getWriter().flush();
					return;
				}
			}
		}*/
		fc.doFilter(req, res);
	}

	@Override
	public void init(FilterConfig fc) throws ServletException
	{
		String contextPath=fc.getServletContext().getRealPath("/");
		Constant.IMG_PATH=contextPath+Constant.IMG_PATH;
		Constant.pfxPath = contextPath + Constant.pfxPath;
		Constant.tltcerPath = contextPath + Constant.tltcerPath;
		Constant.cerPath = contextPath + Constant.cerPath;
		System.err.println("证书路径:"+Constant.pfxPath);
		System.err.println("密钥路径:"+Constant.cerPath);
		System.err.println("密钥路径:"+Constant.tltcerPath);
		
		System.err.println("上传图片路径:"+Constant.IMG_PATH);
		
		Constant.stateExpMap.put(Constant.TASK_STATE_CANCER, "取消");
		Constant.stateExpMap.put(Constant.TASK_STATE_CREAT, "发布中");
		Constant.stateExpMap.put(Constant.TASK_STATE_END, "已完成");
		Constant.stateExpMap.put(Constant.TASK_STATE_HASSERVICE, "已服务");
		Constant.stateExpMap.put(Constant.TASK_STATE_INSERVICE, "服务中");
		Constant.stateExpMap.put(Constant.TASK_STATE_WAITSERVICE, "待服务");
		Constant.stateExpMap.put(Constant.TASK_STATE_STOP, "已停止");
	}
	
}